<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Admin Dế Mèn Phiêu Lưu Ký</title>
<link rel="stylesheet" href="css/screen.css" type="text/css" media="screen" title="default" />
<!--  jquery core -->
<script src="js/jquery/jquery-1.4.1.min.js" type="text/javascript"></script>

<!-- Custom jquery scripts -->
<script src="js/jquery/custom_jquery.js" type="text/javascript"></script>

<!-- MUST BE THE LAST SCRIPT IN <HEAD></HEAD></HEAD> png fix -->
<script src="js/jquery/jquery.pngFix.pack.js" type="text/javascript"></script>
<script type="text/javascript">
$(document).ready(function(){
$(document).pngFix( );
});
</script>

</head>
<body id="login-bg"> 
<!-- Start: login-holder -->
<div id="login-holder">

	<!-- start logo -->
	<div id="logo-login">
		<a href="index.html"></a>
	</div>
	<!-- end logo -->
	
	<div class="clear"></div>
	
	<!--  start loginbox ................................................................................. -->
	<div id="loginbox">
	
	<!--  start login-inner -->
	<div id="login-inner">
    <?php
		if(isset($_POST['ok']))
		{
		$u=$p="";
		 if($_POST['tb_username'] == NULL)
		 {
			echo "Please enter your username<br />";
		 }
		 else
		 {
			$u=$_POST['tb_username'];
		 }
		 if($_POST['tb_password'] == NULL)
		 {
			echo "Please enter your password<br />";
		 }
		 else
		 {
			$p=$_POST['tb_password'];
		 }
		 if($u && $p)
		 {
			  include("includes/connect.php");
			  $sql="select * from user where username='".$u."' and password='".$p."'";
			  $query=mysql_query($sql);
			  if(mysql_num_rows($query) == 0)
			  {
					echo "Username or password is not correct, please try again";
			  }
			  else
			  {
				
				   $row=mysql_fetch_array($query);
				   session_start();
				   $_SESSION['usercode'] = $row["id"];
				   $_SESSION['userid'] = $row["username"];
				   $_SESSION['level'] = $row["level"];
				    
				   echo "Bạn không đủ quyền để vào trang quản trị của admin !"."<br>";
				   if($_SESSION['level']==2)
				   {
					   header("location: index.php");
					  
				   }
		  }
		 }
		}
	?>
    	<form class="admin_login" action="login.php" method="post">
            <table border="0" cellpadding="0" cellspacing="0">
            <tr>
                <th>Username</th>
                <td><input type="text" name="tb_username"  class="login-inp" /></td>
            </tr>
            <tr>
                <th>Password</th>
                <td><input type="password" name="tb_password" value="************"  onfocus="this.value=''" class="login-inp" /></td>
            </tr>
            <tr>
                <th></th>
                <td valign="top"><input type="checkbox" class="checkbox-size" id="login-check" /><label for="login-check">Remember me</label></td>
            </tr>
            <tr>
                <th></th>
                <td><input type="submit" name="ok" class="submit-login"  /></td>
            </tr>
            </table>
        </form>
	</div>
 	<!--  end login-inner -->
	<div class="clear"></div>
	<a href="" class="forgot-pwd">Forgot Password?</a>
 </div>
 <!--  end loginbox -->
 
	<!--  start forgotbox ................................................................................... -->
	<div id="forgotbox">
		<div id="forgotbox-text">Please send us your email and we'll reset your password.</div>
		<!--  start forgot-inner -->
		<div id="forgot-inner">
		<table border="0" cellpadding="0" cellspacing="0">
		<tr>
			<th>Email address:</th>
			<td><input type="text" value=""   class="login-inp" /></td>
		</tr>
		<tr>
			<th> </th>
			<td><input type="button" class="submit-login"  /></td>
		</tr>
		</table>
		</div>
		<!--  end forgot-inner -->
		<div class="clear"></div>
		<a href="" class="back-login">Back to login</a>
	</div>
	<!--  end forgotbox -->

</div>
<!-- End: login-holder -->
</body>
</html>